rvtr/TwlIPL
1
Fork 0
mirror of https://github.com/rvtr/TwlIPL.git synced 2025-10-31 06:01:12 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

JPEG署名用のAES鍵セットを行うよう変更。

Browse Source 
makerom.TWL.launcherの更新。

git-svn-id: file:///Users/lillianskinner/Downloads/platinum/twl/TwlIPL/trunk@1489 b08762b0-b915-fc4b-9d8c-17b2551a87ff
This commit is contained in:
yosiokat 2008-05-23 05:04:48 +00:00
parent 97b4809aa4
commit c590753fab
9 changed files with 89 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
build/components/hyena.TWL/src/main.c
View File

@ -189,9 +189,13 @@ TwlSpMain(void)
InitializeNwm(mainHeapHandle, mainHeapHandle); // NWM <20>‰Šú‰»
#ifndef SDK_NOCRYPTO
AES_Init(); // AES <20>‰Šú‰»
// NANDファームがHW_LAUNCHER_DELIVER_PARAM_BUFへのAES_SEEDセットを行ってくれるので、ISデバッガ接続に関係なくSDK_SEA_KEY_STOREへのコピーを行えばよい
MI_CpuCopyFast( (void *)HW_LAUNCHER_DELIVER_PARAM_BUF, (void *)SDK_SEA_KEY_STORE, HW_LAUNCHER_DELIVER_PARAM_BUF_SIZE );
{
// JPEGエンコード用の鍵セット
SYSMi_SetAESKeysForSignJPEG( (ROM_Header *)HW_TWL_ROM_HEADER_BUF, NULL, NULL );
// NANDファームがHW_LAUNCHER_DELIVER_PARAM_BUFへのAES_SEEDセットを行ってくれるので、ISデバッガ接続に関係なくSDK_SEA_KEY_STOREへのコピーを行えばよい
MI_CpuCopyFast( (void *)HW_LAUNCHER_DELIVER_PARAM_BUF, (void *)SDK_SEA_KEY_STORE, HW_LAUNCHER_DELIVER_PARAM_BUF_SIZE );
}
#ifdef SDK_SEA
SEA_Init();

3
build/libraries_sysmenu/boot/ARM7/src/bootAPI.c
View File

@ -159,6 +159,9 @@ BOOL BOOT_WaitStart( void )
int list_count = PRE_CLEAR_NUM_MAX + 1;
int l;
u32 *post_clear_list;
// [TODO] WRAM_0_1はちゃんと消えてるblowfishやaes鍵を引き渡しているので心配
// メモリリストの設定
// [TODO:] ショップアプリで鍵を残す場合、NANDファーム引数の領域WRAMにあるを消さないように注意。
// WRAMリマップ後の消し漏れやバッファオーバランの懸念回避のため不要な鍵はpre clearで消す。

58
build/libraries_sysmenu/sysmenu/ARM7/src/setAESKey.c
View File

@ -27,6 +27,8 @@
// define data-----------------------------------------------------------------
// extern data-----------------------------------------------------------------
// function's prototype-------------------------------------------------------
void SYSMi_SetAESKeysForAccessControlCore( ROM_Header *pROMH, u8 *pDst, BOOL *pIsClearSlotB, BOOL *pIsClearSlotC );
// global variable-------------------------------------------------------------
// static variable-------------------------------------------------------------
// const data------------------------------------------------------------------
@ -52,6 +54,16 @@ static const u8 dev_seedSlotC[] = {
0x49, 0x04, 0x6B, 0x33, 0x12, 0x02, 0xAC, 0xF3,
};
static const u8 dev_jpegEncodeKeyForLauncher[] = {
0xEF, 0x9A, 0xB3, 0x39, 0x48, 0x3C, 0x2B, 0x13,
0x39, 0x31, 0xA5, 0x3F, 0x86, 0x25, 0x9B, 0xB3,
};
static const u8 dev_jpegEncodeKeyForNormal[] = {
0x79, 0xAF, 0xFE, 0xA7, 0xF3, 0x6A, 0xB7, 0xBE,
0x83, 0xB6, 0x41, 0xFD, 0xFC, 0x42, 0xD7, 0x3B,
};
// ============================================================================
//
@ -66,8 +78,8 @@ void SYSMi_SetAESKeysForAccessControl( BOOL isNtrMode, ROM_Header *pROMH )
// Œ®ÌƒZƒbƒg
MI_CpuClearFast( (void *)HW_LAUNCHER_DELIVER_PARAM_BUF, HW_LAUNCHER_DELIVER_PARAM_BUF_SIZE );
if( !isNtrMode &&
( pROMH->s.titleID_Hi & TITLE_ID_HI_SECURE_FLAG_MASK ) ) {
if( !isNtrMode ) {
SYSMi_SetAESKeysForSignJPEG( pROMH, &isClearSlotB, &isClearSlotC );
SYSMi_SetAESKeysForAccessControlCore( pROMH, (u8 *)HW_LAUNCHER_DELIVER_PARAM_BUF, &isClearSlotB, &isClearSlotC );
}
@ -88,9 +100,51 @@ void SYSMi_SetAESKeysForAccessControl( BOOL isNtrMode, ROM_Header *pROMH )
}
}
void SYSMi_SetAESKeysForSignJPEG( ROM_Header *pROMH, BOOL *pIsClearSlotB, BOOL *pIsClearSlotC )
{
void *pAESKey;
if( ( pROMH->s.titleID_Hi & TITLE_ID_HI_SECURE_FLAG_MASK ) &&
( 0 == STD_CompareNString( (const char *)&pROMH->s.titleID_Lo[ 1 ], "ANH", 3 ) ) ) {
// for Launcher
pAESKey = ( SCFG_GetBondingOption() == SCFG_OP_PRODUCT ) ?
&( OSi_GetFromFirmAddr()->rsa_pubkey[ 3 ][ 0x30 ] ) : (void *)dev_jpegEncodeKeyForLauncher;
if( pIsClearSlotC ) {
*pIsClearSlotC = FALSE;
}
// AESスロットのデフォルト値セット
AES_Lock();
AES_SetKeyC( pAESKey );
AES_Unlock();
}else {
// SignJPEG用AESキー
if ( pROMH->s.access_control.hw_aes_slot_B_SignJPEGForLauncher == TRUE) {
// for Launcher
pAESKey = ( SCFG_GetBondingOption() == SCFG_OP_PRODUCT ) ?
&( OSi_GetFromFirmAddr()->rsa_pubkey[ 3 ][ 0x30 ] ) : (void *)dev_jpegEncodeKeyForLauncher;
}else {
// for ノーマルアプリ
pAESKey = ( SCFG_GetBondingOption() == SCFG_OP_PRODUCT ) ?
&( OSi_GetFromFirmAddr()->rsa_pubkey[ 3 ][ 0x40 ] ) : (void *)dev_jpegEncodeKeyForNormal;
}
if( pIsClearSlotB ) {
*pIsClearSlotB = FALSE;
}
// AESスロットのデフォルト値セット
AES_Lock();
AES_SetKeyB( pAESKey );
AES_Unlock();
}
}
void SYSMi_SetAESKeysForAccessControlCore( ROM_Header *pROMH, u8 *pDst, BOOL *pIsClearSlotB, BOOL *pIsClearSlotC )
{
// セキュアアプリ以外はセットなし
if ( !( pROMH->s.titleID_Hi & TITLE_ID_HI_SECURE_FLAG_MASK ) ) {
return;
}
// commonClientKey
if( pROMH->s.access_control.common_client_key ) {
void *pCommonKey = ( SCFG_GetBondingOption() == SCFG_OP_PRODUCT ) ?

4
build/libraries_sysmenu/sysmenu/ARM9/src/sysmenu_lib.c
View File

@ -123,8 +123,8 @@ void SYSMi_SendKeysToARM7( void )
{
MI_SetWramBank(MI_WRAM_ARM9_ALL);
// DS互換BlowfishテーブルをARM7へ渡す
MI_CpuCopyFast( &((OSFromFirm9Buf *)HW_FIRM_FROM_FIRM_BUF)->ds_blowfish, (void *)HW_WRAM_0, sizeof(BLOWFISH_CTX) );
DC_FlushRange( (void *)HW_WRAM_0, sizeof(BLOWFISH_CTX) );
MI_CpuCopyFast( &((OSFromFirm9Buf *)HW_FIRM_FROM_FIRM_BUF)->ds_blowfish, (void *)&GetDeliverBROM9KeyAddr()->ds_blowfish, sizeof(BLOWFISH_CTX) );
DC_FlushRange( (void *)HW_WRAM_0, sizeof(DeliverBROM9Key) );
MI_SetWramBank(MI_WRAM_ARM7_ALL);
}

7
build/libraries_sysmenu/sysmenu/common/include/internal_api.h
View File

@ -72,12 +72,13 @@ void SYSMi_CheckRTC( void );
//-------------------------------------------------------
// AES鍵設定
//-------------------------------------------------------
// JPEG署名用ランチャー、アプリブート共用
void SYSMi_SetAESKeysForSignJPEG( ROM_Header *pROMH, BOOL *pIsClearSlotB, BOOL *pIsClearSlotC );
// アプリブート用
void SYSMi_SetAESKeysForAccessControl( BOOL isNtrMode, ROM_Header *pROMH );
// ランチャー自身用
void SYSMi_SetAESKeysForAccessControlCore( ROM_Header *pROMH, u8 *pDst, BOOL *pIsClearSlotB, BOOL *pIsClearSlotC );
#endif // SDK_ARM7

4
build/libraries_sysmenu/sysmenu/common/src/mountInfo.c
View File

@ -182,7 +182,9 @@ static void SYSMi_SetMountInfoCore( LauncherBootType bootType, NAMTitleId titleI
int i;
char contentpath[ FS_ENTRY_LONGNAME_MAX ];
// [TODO]TMPジャンプ時のcontentパス指定がうまくいっていない。マウントしないようにしたら良い。
// タイトルIDからcontentのファイルパスをセット
STD_TSNPrintf( contentpath, FS_ENTRY_LONGNAME_MAX,
"nand:/title/%08x/%08x/content", (u32)( titleID >> 32 ), titleID );

BIN
docs/鍵管理.xls
View File

Binary file not shown.

14
include/sysmenu/sysmenu_lib/common/sysmenu_work.h
View File

@ -23,6 +23,7 @@
#include <sysmenu/memorymap.h>
#include <sysmenu/reloc_info/common/reloc_info.h>
#include <firm/gcd/blowfish.h>
#ifdef __cplusplus
extern "C" {
@ -183,6 +184,12 @@ typedef struct SDKBootCheckInfo{
}SDKBootCheckInfo;
// ARM9からARM7にWRAM経由で引き渡す鍵情報ワーク
typedef struct DeliverBROM9Key {
BLOWFISH_CTX ds_blowfish;
}DeliverBROM9Key;
//----------------------------------------------------------------------
// SYSM共有ワーク領域のアドレス獲得
//----------------------------------------------------------------------
@ -204,6 +211,13 @@ typedef struct SDKBootCheckInfo{
#define SYSM_GetAppRomHeader() ( (ROM_Header_Short *)SYSM_APP_ROM_HEADER_BUF )
#define SYSM_GetCardRomHeader() SYSM_GetAppRomHeader()
// ARM9から引き渡す鍵情報ワークの取得
#ifdef SDK_ARM9
#define GetDeliverBROM9KeyAddr() ( (DeliverBROM9Key *)HW_WRAM_0 )
#else
#define GetDeliverBROM9KeyAddr() ( (DeliverBROM9Key *)HW_WRAM_0_LTD )
#endif
#ifdef __cplusplus
}
#endif

BIN
tools/bin/makerom.TWL.launcher.exe
View File

Binary file not shown.